In the Claims:

Please amend claims 54, 56-57, 59-60, 62, 64-65, and 67-68. The claims are as follows: 
1-24. (Canceled) 

25. (Canceled) 

26. (Previously presented) A method for recording server authentication information, said 
method comprising: 

establishing, by a first server of a plurality of servers in a federated computing
environment, a trusting relationship between the first server and a second server of the plurality
of servers, wherein said establishing the trusting relationship comprises exchanging, by the first
server, an electronic certificate of the first server with an electronic certificate of the second
server in accordance with a Public Key Infrastructure (PKI) method;

after said establishing the trusting relationship, obtaining by the first server an 
authentication policy of the second server, wherein an authentication policy for each server of the 
plurality of servers is defined as at least one rule of each server for authenticating users of the 
federated computing environment; and 

after said obtaining the authentication policy of the second server, registering by the first 
server the authentication policy of the second server within the first server. 



27. (Canceled) 
S/N: 10/598,875 



28. (Previously presented) The method of claim 26, wherein the at least one rule includes a data 
size for fingerprint authentication, a data size for voice print authentication, or a combination 
thereof.

29. (Canceled) 

30. (Previously presented) The method of claim 26, wherein said registering the authentication
policy of the second server comprises registering the authentication policy of the second server in
an authentication policy table of the first server, wherein the authentication policy table of the
first server comprises an authentication policy of each server of the plurality of servers registered
therein, and wherein the authentication policy table of the first server further comprises:
a server address of each server registered therein; and 

a relative priority of each server of a group of servers having a same authentication policy 
in the authentication policy table. 

31. (Previously presented) The method of claim 26, wherein said registering the authentication
policy of the second server comprises registering the authentication policy of the second server in
an authentication policy table of the first server, wherein the authentication policy table of the
first server comprises an authentication policy of each server of the plurality of servers registered
therein, wherein the authentication policy of the second server is identical to an authentication
policy of the first server, wherein a first common user identifier (ID) exists in an authentication
information Lightweight Directory Access Protocol (LDAP) of the first server and in an
authentication information LDAP of the second server, wherein the first common user ID is used
by a first user in the first server and by a second user in the second server such that the second
user differs from the first user, and wherein the method further comprises:

after said registering the authentication policy of the second server, registering by the first
server the first common user ID in a exceptional ID table of the first server, wherein the
exceptional ID table of the first server stores common user IDs and an indication of one or more
servers associated with each common user ID stored in the exceptional ID table of the first
server.

32-49. (Canceled) 

50. (Previously presented) The method of claim 26, wherein the at least one rule consists of four 
rules, said four rules consisting of a number of alphabetic characters of a user identification (ID),
a number of numeric characters of the user ID, a data size for fingerprint authentication, and a
data size for voice print authentication. 

51. (Previously presented) The method of claim 26, wherein the method further comprises: 

receiving, by the first server, an access request from a user to access the federated
computing environment, wherein the first server comprises an authentication policy table that
comprises the authentication policy of each server of the plurality of servers registered therein;

after said receiving the access request, receiving by the first server input authentication
information from the user;

obtaining, by the first server, a server address of the second server, wherein the
authentication policy of the second server matches an authentication policy of the first server;

transmitting, by the first server to the second server via the server address of the second 
server, the input authentication information; 

after said transmitting the input authentication information to the second server, receiving 
by the first server from the second server a notification that the second server has successfully 
authorized the user; and 

after said receiving the notification that the second server has successfully authorized the 
user, permitting the user to access the federated computing environment, wherein said permitting 
is performed by the first server. 

52. (Previously presented) The method of claim 51, wherein after said transmitting the input 
authentication information to the second server and before said permitting the user to access the 
federated computing environment, the method further comprises: 

receiving by the first server from the second server a token that may be used by the user 
to access the federated computing environment; and

sending, by the first server, the token to the user. 

53. (Previously presented) The method of claim 52, wherein the token is a credential and a
cookie.

54. (Currently amended) A system for recording server authentication information, said system
comprising:

a first server of a plurality of servers in a federated computing environment; and

a computer readable storage medium; comprising program code stored therein, said
program code configured to be executed by the first server to perform a method for recording
server authentication information, said method comprising:

first program code for establishing, by the first server, a trusting relationship between the
first server and a second server comprised by the plurality of servers, wherein said establishing
the trusting relationship comprises exchanging, by the first server, an electronic certificate of the
first server with an electronic certificate of the second server in accordance with a Public Key
Infrastructure (PKI) method;

after said establishing the trusting relationship, second program code for obtaining by the
first server an authentication policy of the second server after said establishing the trusting
relationship, wherein an authentication policy for each server of the plurality of servers is defined
as at least one rule of each server for authenticating users of the federated computing
environment; and

third program code for registering by the first server the authentication policy of the second
server within the first server after said obtaining the authentication policy of the second server,

wherein the first program code, the second program code, and the third program code are
stored on the computer readable storage medium.

55. (Previously presented) The system of claim 54, wherein the at least one rule includes a data
size for fingerprint authentication, a data size for voice print authentication, or a combination
thereof.



56. (Currently amended) The system of claim 54, wherein said third program code for registering 
the authentication policy of the second server comprises code for registering the authentication 
policy of the second server in an authentication policy table of the first server, wherein the 
authentication policy table of the first server comprises an authentication policy of each server of 
the plurality of servers registered therein, wherein the authentication policy table of the first 
server further comprises: 

a server address of each server registered therein; and 

a relative priority of each server of a group of servers having a same authentication policy 
in the authentication policy table. 

57. (Currently amended) The system of claim 54, wherein said third program code for registering
the authentication policy of the second server comprises code for registering the authentication
policy of the second server in an authentication policy table of the first server, wherein the
authentication policy table of the first server comprises an authentication policy of each server of
the plurality of servers registered therein, wherein the authentication policy of the second server
is identical to an authentication policy of the first server, wherein a first common user identifier
(ID) exists in an authentication information Lightweight Directory Access Protocol (LDAP) of
the first server and in an authentication information LDAP of the second server, wherein the first
common user ID is used by a first user in the first server and by a second user in the second
server such that the second user differs from the first user, and wherein the method system
further comprises:

program code, stored on the computer readable storage medium, for registering by the first
server the first common user ID in a exceptional ID table of the first server after said registering
the authentication policy of the second server, wherein the exceptional ID table of the first server
stores common user IDs and an indication of one or more servers associated with each common
user ID stored in the exceptional ID table of the first server.

58. (Previously presented) The system of claim 54, wherein the at least one rule consists of four
rules, said four rules consisting of a number of alphabetic characters of a user identification (ID),
a number of numeric characters of the user ID, a data size for fingerprint authentication, and a
data size for voice print authentication.

59. (Currently amended) The system of claim 54, wherein the method system further comprises:

fourth program code for receiving, by the first server, an access request from a user to
access the federated computing environment, wherein the first server comprises an authentication
policy table that comprises the authentication policy of each server of the plurality of servers
registered therein;

fifth program code for receiving by the first server input authentication information from the
user after said receiving the access request;

sixth program code for obtaining, by the first server, a server address of the second server,
wherein the authentication policy of the second server matches an authentication policy of the
first server;

seventh program code for transmitting, by the first server to the second server via the
server address of the second server, the input authentication information;

after said transmitting the input authentication information to the second server, eighth
program code for receiving by the first server from the second server a notification that the
second server has successfully authorized the user after said transmitting the input authentication
information to the second server; and

after said receiving the notification that the second server has successfully authorized the
user, ninth program code for permitting the user to access the federated computing environment,
wherein said permitting is performed by the first server after said receiving the notification that
the second server has successfully authorized the user,

wherein the fourth program code, the fifth program code, the sixth program code, the
seventh program code, the eighth program code, and the ninth program code are stored on the
computer readable storage medium.

60. (Previously presented) The system of claim 59, wherein after said transmitting the input
authentication information to the second server and before said permitting the user to access the
federated computing environment, the method the system further comprises:

tenth program code for receiving by the first server from the second server a token that
may be used by the user to access the federated computing environment after said transmitting
the input authentication information to the second server and before said permitting the user to
access the federated computing environment; and

eleventh program code for sending, by the first server, the token to the user,
wherein the tenth program code and the eleventh program code are stored on the
computer readable storage medium.

61. (Previously presented) The system of claim 60, wherein the token is a credential and a
cookie. 

62. (Currently amended) A computer program product for recording server authentication 
information, said computer program product comprising: 



a computer readable storage medium;, said computer readable storage medium
comprising program code stored therein, said program code configured to be executed by a first
server to perform a method for recording server authentication information, said first server being
comprised by a plurality of servers in a federated computing environment, said method
comprising:

first program code for establishing, by [[the]] a first server of a plurality of servers, a
trusting relationship between the first server and a second server comprised by the plurality of
servers, wherein said establishing the trusting relationship comprises exchanging, by the first
server, an electronic certificate of the first server with an electronic certificate of the second
server in accordance with a Public Key Infrastructure (PKI) method;

after said establishing the trusting relationship, second program code for obtaining by the
first server an authentication policy of the second server after said establishing the trusting
relationship, wherein an authentication policy for each server of the plurality of servers is defined
as at least one rule of each server for authenticating users of the federated computing
environment; and

registering by the first server the authentication policy of the second server within the first server
after said obtaining the authentication policy of the second server,

wherein the first program code, the second program code, and the third program code are
stored on the computer readable storage medium.



63. (Previously presented) The computer program product of claim 62, wherein the at least one 
rule includes a data size for fingerprint authentication, a data size for voice print authentication, 
or a combination thereof. 



64. (Currently amended) The computer program product of claim 62, wherein said third program 
code for registering the authentication policy of the second server comprises code for registering 
the authentication policy of the second server in an authentication policy table of the first server, 
wherein the authentication policy table of the first server comprises an authentication policy of 
each server of the plurality of servers registered therein, wherein the authentication policy table 
of the first server further comprises: 

a server address of each server registered therein; and

a relative priority of each server of a group of servers having a same authentication policy
in the authentication policy table. 



65. (Currently Amended) The computer program product of claim 62, wherein said third program 
code for registering the authentication policy of the second server comprises code for registering 
the authentication policy of the second server in an authentication policy table of the first server, 
wherein the authentication policy table of the first server comprises an authentication policy of 
each server of the plurality of servers registered therein, wherein the authentication policy of the 
second server is identical to an authentication policy of the first server, wherein a first common
user identifier (ID) exists in an authentication information Lightweight Directory Access Protocol
(LDAP) of the first server and in an authentication information LDAP of the second server,
wherein the first common user ID is used by a first user in the first server and by a second user in
the second server such that the second user differs from the first user, and wherein the method
computer program product further comprises:

on the computer readable storage medium, for registering by the first server the first common
user ID in a exceptional ID table of the first server after said registering the authentication policy
of the second server, wherein the exceptional ID table of the first server stores common user IDs
and an indication of one or more servers associated with each common user ID stored in the
exceptional ID table of the first server.

66. (Previously presented) The computer program product of claim 62, wherein the at least one
rule consists of four rules, said four rules consisting of a number of alphabetic characters of a
user identification (ID), a number of numeric characters of the user ID, a data size for fingerprint
authentication, and a data size for voice print authentication. 

67. (Currently amended) The computer program product of claim 62, wherein the method
computer program product further comprises:

fourth program code for receiving, by the first server, an access request from a user to
access the federated computing environment, wherein the first server comprises an authentication
policy table that comprises the authentication policy of each server of the plurality of servers
registered therein;

input authentication information from the user after said receiving the access request;

sixth program code for obtaining, by the first server, a server address of the second server,
wherein the authentication policy of the second server matches an authentication policy of the
first server;

seventh program code for transmitting, by the first server to the second server via the
server address of the second server, the input authentication information;

after said transmitting the input authentication information to the second server, eighth
program code for receiving by the first server from the second server a notification that the
second server has successfully authorized the user after said transmitting the input authentication
information to the second server; and

after said receiving the notification that the second server has successfully authorized the
user, ninth program code for permitting the user to access the federated computing environment,
wherein said permitting is performed by the first server after said receiving the notification that
the second server has successfully authorized the user,

wherein the fourth program code, the fifth program code, the sixth program code, the
seventh program code, the eighth program code, and the ninth program code are stored on the
computer readable storage medium.

68. (Currently amended) The computer program product of claim 67, wherein after said 
transmitting the input authentication information to the second server and before said permitting
the user to access the federated computing environment, the method the computer program
product further comprises:

tenth program code for receiving by the first server from the second server a token that
may be used by the user to access the federated computing environment after said transmitting
the input authentication information to the second server and before said permitting the user to
access the federated computing environment; and

eleventh program code for sending, by the first server, the token to the user,
wherein the tenth program code and the eleventh program code are stored on the
computer readable storage medium.

69. (Previously presented) The computer program product of claim 68, wherein the token is a 
credential and a cookie. 